Skip links

Microsoft Exchange discovers another security vulnerability

Affected users are urged to download the patch immediately

Earlier this month, Microsoft announced they were aware of a bug that has put some versions of their Exchange program at risk of exploitation.

This bug not only impacts on-premises Exchange Servers, but also those used by customers in Exchange Hybrid mode as well. If exploited, it would allow attackers to execute code remotely on vulnerable servers.

Exchange servers currently vulnerable to this bug are:

  • 2013 CU23
  • 2016 CU21, CU22
  • 2019 CU10, CU11

Over the weekend, Microsoft released a patch to rectify this situation. Users affected by this bug are strongly urged to download the patch immediately.

This is the second major attack Exchange has experienced this year.  ProxyLogon and ProxyShell security vulnerabilities have become the latest targets. If these vulnerabilities are exploited, they can unleash a slew of security risks like ransomware, and other malware.

One reoccurring theme of security breaches is out-of-date security systems. The updates may appear minor, but in actuality, keeping systems up-to-date is crucial to combating cyberattacks.

If you have questions regarding how we plan to handle this situation moving forward, please give us a call today.